<?php
/**
 * Copyright 2011  SURFfoundation
 * 
 * This file is part of ESCAPE.
 * 
 * ESCAPE is free software: you can redistribute it and/or modify
 * it under the terms of the GNU General Public License as published by
 * the Free Software Foundation, either version 3 of the License, or
 * (at your option) any later version.
 * 
 * ESCAPE is distributed in the hope that it will be useful,
 * but WITHOUT ANY WARRANTY; without even the implied warranty of
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
 * GNU General Public License for more details.
 * 
 * You should have received a copy of the GNU General Public License
 * along with ESCAPE.  If not, see <http://www.gnu.org/licenses/>.
 * 
 * For more information:
 * http://escapesurf.wordpress.com/
 * http://www.surffoundation.nl/
 * 
 * Contact: d.vierkant@utwente.nl
 * 
 * @license http://www.gnu.org/licenses/gpl.html GNU GPLv3
 */
?>
<?php
require_once("escape/saml/include.php");
	
/**
 * Begin SAML login
 * 
 * Begin the SAML login process.
 */
class escape_repositoryui_action_BeginSamlLogin extends escape_repositoryui_Action
{
	public function handleRequest()
	{
		session_start();
	
		/* @var $repository escape_repository_Repository */
		$repository =& $this->requestAttributes['repository'];
		/* @var $repositoryUi escape_repositoryui_RepositoryUi */
		$repositoryUi =& $this->requestAttributes['repositoryUi'];
		
		// check if SAML is enabled
		if(!$repository->config['saml']['enabled'])
		{
			// openid is disabled
			$repositoryUi->displayErrorPage('SAML is disabled.');
			return null;
		}
				
		$returnUrl = $repository->config['server_url'];
		if(isset($_REQUEST['return_url']))
		{
			$returnUrl = $_REQUEST['return_url'];
		}
		
		// build a saml settings object
		$samlSettings = new escape_saml_SamlSettings($repository->config);
		
		// build a SAML authetication request
		$samlAuthRequest = new SamlAuthRequest($samlSettings);
		$url = $samlAuthRequest->create($returnUrl);
		
		// redirect to the identity provider
		header("Location: " . $url);
		
		return false;
	}
}